From bd0551b22076b82a6d49e9f7a2b2e0c90a1b2326 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Fri, 05 Feb 2016 07:25:27 -0500
Subject: [PATCH] Secure also downloads of addressbook exports, managesieve script exports and Enigma keys exports

---
 plugins/acl/config.inc.php.dist |   26 ++++++++++++++++++++------
 1 files changed, 20 insertions(+), 6 deletions(-)

diff --git a/plugins/acl/config.inc.php.dist b/plugins/acl/config.inc.php.dist
index f957a23..ed70002 100644
--- a/plugins/acl/config.inc.php.dist
+++ b/plugins/acl/config.inc.php.dist
@@ -3,17 +3,31 @@
 // Default look of access rights table
 // In advanced mode all access rights are displayed separately
 // In simple mode access rights are grouped into four groups: read, write, delete, full 
-$rcmail_config['acl_advanced_mode'] = false;
+$config['acl_advanced_mode'] = false;
 
 // LDAP addressbook that would be searched for user names autocomplete.
-// That should be an array refering to the $rcmail_config['ldap_public'] array key
+// That should be an array refering to the $config['ldap_public'] array key
 // or complete addressbook configuration array.
-$rcmail_config['acl_users_source'] = '';
+$config['acl_users_source'] = '';
 
 // The LDAP attribute which will be used as ACL user identifier
-$rcmail_config['acl_users_field'] = 'mail';
+$config['acl_users_field'] = 'mail';
 
 // The LDAP search filter will be &'d with search queries
-$rcmail_config['acl_users_filter'] = '';
+$config['acl_users_filter'] = '';
 
-?>
+// Enable LDAP groups in user autocompletion.
+// Note: LDAP addressbook defined in acl_users_source must include groups config
+$config['acl_groups'] = false;
+
+// Prefix added to the group name to build IMAP ACL identifier
+$config['acl_group_prefix'] = 'group:';
+
+// The LDAP attribute (or field name) which will be used as ACL group identifier
+$config['acl_group_field'] = 'name';
+
+// Include the following 'special' access control subjects in the ACL dialog;
+// Defaults to array('anyone', 'anonymous') (not when set to an empty array)
+// Example: array('anyone') to exclude 'anonymous'.
+// Set to an empty array to exclude all special aci subjects.
+$config['acl_specials'] = array('anyone', 'anonymous');

--
Gitblit v1.9.1